You are here

Home » API reference » Access Control Kit 7 » access_grants.admin.inc

function access_grant_form in Access Control Kit 7

Form constructor for the access grant add/edit form.

Parameters

object $grant: The access grant to edit.

See also

access_grant_form_validate()

access_grant_form_submit()

access_grant_form_delete_submit()

2 string references to 'access_grant_form'
access_grant_add in ./access_grants.admin.inc
Menu page callback; add an access grant for a given scheme.
access_grant_edit in ./access_grants.admin.inc
Menu page callback; edit an access grant.

File

./access_grants.admin.inc, line 419
Access grants administrative UI for the access control kit module.

Code

function access_grant_form($form, &$form_state, $grant) {

  // During initial form build, add the grant entity to the form state for use
  // during form building and processing. During a rebuild, use what is in the
  // form state.
  if (!isset($form_state['grant'])) {
    $form_state['grant'] = $grant;
  }
  else {
    $grant = $form_state['grant'];
  }
  $is_new = empty($grant->gid);
  $admin = user_access('administer users');

  // Store the scheme property for entity_form_field_validate().
  $form['scheme'] = array(
    '#type' => 'value',
    '#value' => $grant->scheme,
  );

  // The ACK user reference field.
  $form['user'] = array(
    '#type' => 'container',
    '#weight' => -5,
    '#prefix' => '<div id="access-grant-form-user">',
    '#suffix' => '</div>',
  );
  if (!$is_new) {
    $account = user_load($grant->uid);
    $form['user']['user'] = array(
      '#type' => 'value',
      '#value' => $account->name,
    );
    $form['user']['user_display'] = array(
      '#type' => 'item',
      '#title' => t('User'),
      '#markup' => format_username($account),
    );
  }
  else {
    if (!empty($form_state['values']['user'])) {
      $account = user_load_by_name($form_state['values']['user']);
    }
    else {
      $account = FALSE;
    }
    $form['user']['user'] = array(
      '#type' => 'textfield',
      '#title' => t('User'),
      '#maxlength' => 60,
      '#required' => TRUE,
      '#autocomplete_path' => 'user/autocomplete',
      '#ajax' => array(
        'callback' => 'access_grant_form_ajax',
        'wrapper' => 'access-grant-form-role',
        'effect' => 'fade',
      ),
    );
    if ($account) {
      $form['user']['user']['#default_value'] = $account->name;
    }
  }

  // The ACK role reference field.
  $form['role'] = array(
    '#type' => 'container',
    '#weight' => -4,
    '#prefix' => '<div id="access-grant-form-role">',
    '#suffix' => '</div>',
  );
  if (!$is_new) {
    $role = user_role_load($grant->rid);
    $form['role']['role'] = array(
      '#type' => 'value',
      '#value' => $role->rid,
    );
    $form['role']['role_display'] = array(
      '#type' => 'item',
      '#title' => t('Role'),
      '#markup' => check_plain($role->name),
    );
  }
  else {
    $scheme = access_scheme_machine_name_load($grant->scheme);
    $role_options = $scheme->roles;
    if ($account) {
      foreach (array_keys($role_options) as $option) {

        // Duplicate grants (same user, role, and scheme) are not permitted.
        $duplicate = access_grant_load_by_condition(array(
          'uid' => $account->uid,
          'rid' => $option,
          'scheme' => $grant->scheme,
        ));

        // Non-admins cannot add users to new roles.
        $disallowed = !$admin && empty($account->roles[$option]);

        // Filter the role options.
        if ($duplicate || $disallowed) {
          unset($role_options[$option]);
        }
      }
    }
    $form['role']['role'] = array(
      '#type' => 'select',
      '#title' => t('Role'),
      '#options' => $role_options,
      '#required' => TRUE,
    );
    if ($admin) {
      $form['role']['role']['#description'] = t('The user will be added to this role, if not already a member.');
    }
    if (empty($role_options)) {
      if ($account) {
        $form['role']['role']['#description'] = t('No roles are available for new access grants for this user. Try editing the user\'s <a href="@url">existing grants</a> instead.', array(
          '@url' => url('admin/access'),
        ));
      }
      else {
        $form['role']['role']['#description'] = t('No roles are available for new access grants.');
      }
    }
  }
  $form['actions'] = array(
    '#type' => 'actions',
  );
  $form['actions']['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Save'),
  );
  if (!$is_new) {
    $form['actions']['delete'] = array(
      '#type' => 'submit',
      '#value' => t('Delete'),
      '#submit' => array(
        'access_grant_form_delete_submit',
      ),
    );
  }
  $cancel = $is_new ? 'admin/access' : 'admin/access/grant/' . $grant->gid;
  if (isset($_GET['destination'])) {
    $cancel = drupal_get_destination();
    $cancel = $cancel['destination'];
  }
  $form['actions']['cancel'] = array(
    '#markup' => l(t('Cancel'), $cancel),
  );
  field_attach_form('access_grant', $grant, $form, $form_state);
  return $form;
}